Cloud Security Podcast by Google
Technology
Guest:
Jennifer Fernick, Senor Staff Security Engineer and UTL, Google
Topics:
Since one of us (!) doesn't have a PhD in quantum mechanics, could you explain what a quantum computer is and how do we know they are on a credible path towards being real threats to cryptography? How soon do we need to worry about this one?
We’ve heard that quantum computers are more of a threat to asymmetric/public key crypto than symmetric crypto. First off, why? And second, what does this difference mean for defenders?
Why (how) are we sure this is coming? Are we mitigating a threat that is perennially 10 years ahead and then vanishes due to some other broad technology change?
What is a post-quantum algorithm anyway? If we’re baking new key exchange crypto into our systems, how confident are we that we are going to be resistant to both quantum and traditional cryptanalysis?
Why does NIST think it's time to be doing the PQC thing now? Where is the rest of the industry on this evolution?
How can a person tell the difference here between reality and snakeoil? I think Anton and I both responded to your initial email with a heavy dose of skepticism, and probably more skepticism than it deserved, so you get the rare on-air apology from both of us!
Resources:
Securing tomorrow today: Why Google now protects its internal communications from quantum threats
How Google is preparing for a post-quantum world
NIST PQC standards
PQ Crypto conferences
“Quantum Computation & Quantum Information” by Nielsen & Chuang book
“Quantum Computing Since Democritus” by Scott Aaronson book
EP154 Mike Schiffman: from Blueboxing to LLMs via Network Security at Google
EP174 How to Measure and Improve Your Cloud Incident Response Readiness: A New Framework
EP173 SAIF in Focus: 5 AI Security Risks and SAIF Mitigations
EP172 RSA 2024: Separating AI Signal from Noise, SecOps Evolves, XDR Declines?
EP171 GenAI in the Wrong Hands: Unmasking the Threat of Malicious AI and Defending Against the Dark Side
EP170 Redefining Security Operations: Practical Applications of GenAI in the SOC
EP169 Google Cloud Next 2024 Recap: Is Cloud an Island, So Much AI, Bots in SecOps
EP168 Beyond Regular LLMs: How SecLM Enhances Security and What Teams Can Do With It
EP167 Stolen Cards and Fake Accounts: Defending Google Cloud Against Abuse
EP166 Workload Identity, Zero Trust and SPIFFE (Also Turtles!)
EP165 Your Cloud Is Not a Pet - Decoding 'Shifting Left' for Cloud Security
EP163 Cloud Security Megatrends: Myths, Realities, Contentious Debates and Of Course AI
EP162 IAM in the Cloud: What it Means to Do It 'Right' with Kat Traxler
EP161 Cloud Compliance: A Lawyer - Turned Technologist! - Perspective on Navigating the Cloud
EP160 Don't Cloud Your Judgement: Security and Cloud Migration, Again!
EP159 Workspace Security: Built for the Modern Threat. But How?
EP158 Ghostbusters for the Cloud: Who You Gonna Call for Cloud Forensics
EP157 Decoding CDR & CIRA: What Happens When SecOps Meets Cloud
EP156 Living Off the Land and Attacking Critical Infrastructure: Mandiant Incident Deep Dive
EP155 Cyber, Geopolitics, AI, Cloud - All in One Book?
Create your
podcast in
minutes
It is Free
Insight Story: Tech Trends Unpacked
Zero-Shot
Fast Forward by Tomorrow Unlocked: Tech past, tech future
The Unbelivable Truth - Series 1 - 26 including specials and pilot
Acquired